Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QtOh4skHfRgrqeZ2ykqTsRjIgLU.roa
File: QtOh4skHfRgrqeZ2ykqTsRjIgLU.roa (raw, json)
Hash identifier: rTo0HYRP2iEuzuJVFY/XYKNAR3fwVuDPTx+GuKjpO1o=
Subject key identifier: 42:D3:A1:E2:C9:07:7D:18:2B:A9:E6:76:CA:4A:93:B1:18:C8:80:B5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019354901B259685945A2030DDD4D47222BA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QtOh4skHfRgrqeZ2ykqTsRjIgLU.roa
Signing time: Fri 22 Nov 2024 15:49:10 +0000
ROA not before: Fri 22 Nov 2024 15:49:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58057
IP address blocks: 45.12.68.0/22 maxlen: 24
45.136.136.0/22 maxlen: 24
93.88.200.0/21 maxlen: 24
94.177.122.0/24 maxlen: 24
185.232.117.0/24 maxlen: 24
193.33.94.0/23 maxlen: 24
193.163.86.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
2a04:ccc0:ffff::/48 maxlen: 48
2a04:ccc1::/32 maxlen: 48
2a04:ccc3::/32 maxlen: 48
2a04:ccc4::/32 maxlen: 48
2a04:ccc5::/32 maxlen: 48
2a04:ccc6::/32 maxlen: 48
2a04:ccc7::/32 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0c:3b80::/32 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a0c:3b83::/32 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2a0e:97c0:1d0::/44 maxlen: 44
2a0e:97c0:260::/44 maxlen: 44
2a0e:97c1:200::/40 maxlen: 48
2a0e:97c3:110::/44 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0e:b107:1165::/48 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:b107:21c0::/45 maxlen: 48
2a0e:b107:2220::/45 maxlen: 48
2a0e:b107:2228::/45 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a10:2f00:193::/48 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a10:cc45:130::/44 maxlen: 44
Validation: Failed, certificate revoked on Fri 20 Dec 2024 12:47:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:54:90:1b:25:96:85:94:5a:20:30:dd:d4:d4:72:22:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 22 15:49:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42d3a1e2c9077d182ba9e676ca4a93b118c880b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:de:c0:9f:27:25:39:2d:e6:72:f6:24:de:93:
5d:e9:55:28:3a:ac:b4:eb:1f:73:00:bd:0d:1d:b6:
5a:0e:e8:e5:5e:7c:31:03:48:c2:87:5b:0b:47:a7:
00:4a:e5:7f:5b:b5:8c:f3:44:8f:9e:0e:69:a7:fd:
d9:6a:5d:c9:bb:f2:fc:b7:a2:88:d5:f5:be:d2:fb:
20:cb:34:df:37:21:a3:dc:80:04:4e:09:bc:21:d1:
25:ac:c2:28:d4:22:52:d5:bc:3b:84:30:b8:f5:08:
49:c0:74:69:a4:f4:b0:ba:e1:91:a6:ae:a7:77:36:
8e:e6:6c:0e:49:3b:f0:e7:9a:e1:32:e3:9a:93:8a:
06:1c:4b:9b:db:49:fd:30:68:09:3e:cc:12:7f:5a:
79:74:04:05:96:ba:2d:1f:ff:62:34:de:31:1a:8e:
04:e5:e5:60:fd:c3:dd:a7:b6:bc:da:24:42:2c:ac:
97:e6:64:a7:92:3a:2a:31:f7:db:f4:d2:c4:dd:3f:
7b:af:90:db:75:ab:e5:da:36:0a:2e:f3:43:a8:92:
bd:05:cd:fe:fe:7a:6d:e9:d3:de:c0:56:7d:7f:ad:
f0:98:e1:26:40:14:4d:02:81:b9:19:58:6b:e5:29:
a9:a2:11:15:ba:70:cb:26:aa:9d:36:6c:29:dc:64:
69:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:D3:A1:E2:C9:07:7D:18:2B:A9:E6:76:CA:4A:93:B1:18:C8:80:B5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QtOh4skHfRgrqeZ2ykqTsRjIgLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.68.0/22
45.136.136.0/22
93.88.200.0/21
94.177.122.0/24
185.232.117.0/24
193.33.94.0/23
193.163.86.0/24
194.50.92.0/24
194.50.94.0/24
IPv6:
2a04:ccc0:ffff::-2a04:ccc1:ffff:ffff:ffff:ffff:ffff:ffff
2a04:ccc3::-2a04:ccc7:ffff:ffff:ffff:ffff:ffff:ffff
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:1d0::/44
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:21c0::/45
2a0e:b107:2220::/44
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:2f00:193::/48
2a10:cc40:250::/44
2a10:cc45:130::/44
Signature Algorithm: sha256WithRSAEncryption
24:8a:31:94:6c:88:92:17:74:14:4c:76:cd:4c:94:19:ca:8e:
26:6f:2f:d5:d7:86:e8:97:a1:da:36:04:bf:92:98:71:3f:9a:
54:cc:c7:07:c6:8c:b0:d3:98:d0:58:73:01:43:57:0c:53:79:
5a:64:5c:8b:f1:56:d5:68:fc:9f:da:a3:22:c5:83:5c:94:3d:
d3:d8:7e:40:28:1b:44:12:19:51:7c:83:d2:34:f7:73:fb:a1:
a3:95:e2:9d:cc:aa:b8:c1:7b:63:aa:bc:1a:04:9f:88:80:a4:
07:2d:4b:44:6d:09:84:82:ef:de:8e:75:ad:03:fa:83:a5:cf:
dd:50:77:52:17:67:09:5b:19:ca:b0:34:4f:06:92:82:2b:90:
28:65:25:b1:e0:dd:63:d0:59:55:22:d1:d1:96:6c:cf:4a:a4:
84:b1:8d:d8:ae:0b:19:89:2f:9e:ae:52:d7:62:c1:95:02:e8:
cc:bf:30:77:04:14:db:52:ba:68:45:9a:1f:a9:01:45:99:2d:
a9:82:b2:b9:de:09:e9:d0:45:d2:cf:4f:ea:a0:6e:90:3a:86:
04:5f:de:fa:8d:bd:38:f2:fa:ec:70:5e:74:bb:0e:cc:48:31:
62:32:65:27:a0:50:10:91:99:29:a3:09:02:fd:49:df:a5:1f:
67:e2:7a:3f
-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgISAZNUkBslloWUWiAw3dTUciK6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQxMTIyMTU0OTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmQzYTFlMmM5MDc3ZDE4MmJhOWU2NzZjYTRhOTNiMTE4Yzg4MGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArN7AnyclOS3mcvYk3pNd6VUoOqy0
6x9zAL0NHbZaDujlXnwxA0jCh1sLR6cASuV/W7WM80SPng5pp/3Zal3Ju/L8t6KI
1fW+0vsgyzTfNyGj3IAETgm8IdElrMIo1CJS1bw7hDC49QhJwHRppPSwuuGRpq6n
dzaO5mwOSTvw55rhMuOak4oGHEub20n9MGgJPswSf1p5dAQFlrotH/9iNN4xGo4E
5eVg/cPdp7a82iRCLKyX5mSnkjoqMffb9NLE3T97r5Dbdavl2jYKLvNDqJK9Bc3+
/npt6dPewFZ9f63wmOEmQBRNAoG5GVhr5SmpohEVunDLJqqdNmwp3GRpdwIDAQAB
o4IDETCCAw0wHQYDVR0OBBYEFELToeLJB30YK6nmdspKk7EYyIC1MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUXRPaDRza0hmUmdycWVaMnlrcVRzUmpJZ0xVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJQYIKwYBBQUHAQcBAf8EggEUMIIBEDA8BAIAATA2AwQC
LQxEAwQCLYiIAwQDXVjIAwQAXrF6AwQAueh1AwQBwSFeAwQAwaNWAwQAwjJcAwQA
wjJeMIHPBAIAAjCByDAQAwcAKgTMwP//AwUBKgTMwDAOAwUAKgTMwwMFAyoEzMAD
BQMqCQTAMA4DBQcqDDuAAwUAKgw7hgMHBCoOl8AB0AMHBCoOl8ACYAMGACoOl8EC
AwcEKg6XwwEQAwcEKg6XxAEgAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcD
Kg6xByHAAwcEKg6xByIgAwcAKg/kBAECAwcAKhAvAAGNAwcAKhAvAAGPAwcAKhAv
AAGTAwcEKhDMQAJQAwcEKhDMRQEwMA0GCSqGSIb3DQEBCwUAA4IBAQAkijGUbIiS
F3QUTHbNTJQZyo4mby/V14bol6HaNgS/kphxP5pUzMcHxoyw05jQWHMBQ1cMU3la
ZFyL8VbVaPyf2qMixYNclD3T2H5AKBtEEhlRfIPSNPdz+6GjleKdzKq4wXtjqrwa
BJ+IgKQHLUtEbQmEgu/ejnWtA/qDpc/dUHdSF2cJWxnKsDRPBpKCK5AoZSWx4N1j
0FlVItHRlmzPSqSEsY3YrgsZiS+erlLXYsGVAujMvzB3BBTbUrpoRZofqQFFmS2p
grK53gnp0EXSz0/qoG6QOoYEX976jb048vrscF50uw7MSDFiMmUnoFAQkZkpowkC
/UnfpR9n4no/
-----END CERTIFICATE-----
Generated at Fri Dec 20 16:54:57 2024 by rpki-client on console-ams.rpki-client.org